Agape Blog

To address & debate internet security issues the World Council for Corporate Governance of UK (WCFCG) together with its associate the International Academy of Law, India (IAL), and in partnership with Cyber Law College are organizing an International Conference on Cyber Security in New Delhi on 29-30 Nov, 2008. The theme for the conference is “Legislation, Monitoring & Enforcement of Cyber Laws”.

Law makers, Governmental policy makers, Legislators, Business leaders, IT experts, eminent jurists, enforcement organizations, academics, bankers & reputation agents are expected to participate. This conference will aim for the formulation & implementation of holistic measures for development, legislation & enforcement of laws for Cyber Security to contain terrorism & promote public interest. Sharing of knowledge & experience of leading Information Technology Experts & Companies, enforcement agencies & jurists in adopting strategies & processes for improving Cyber Security.

Attending this conference would be some eminent personalities like Shri Kapil Sibal, Prof Howard A Schmidt, Dr. Robert Erbacher, Dr. PR Stephenson, Dr. Madhav Mehra and many more. Surely you cannot miss the opportunity of being a part of this conference.

For paticipation details, visit http://www.wcfcg.net

Paraben Corporation, the industry leader in handheld and mobile forensics, had launched  their mobile forensic certification program – PCME. Paraben’s Certified Mobile Examiner is the premier industry certification for mobile forensic examiners. Digital forensic examiners are faced with more and more types of digital evidence. The need for specialized mobile forensic examiners has created a need for certification. The certification requirements are stringent and solid which will make sure that the best examiners are only awarded the certification, thereby helping the forensic community. Thus, PCME is must for you as not only will it test your skills in handling the latest technologies, but it will also help in giving you a strong foothold in the forensic industry.

Paraben has based its training on a slightly different approach than other companies with a comprehensive 360° system that covers not only how to use technology but how the underlying device technology works. Having the company do a certification for mobile forensics was a natural progression. But Paraben has held its commitment to quality training by awarding the best certification out there. Unlike other training programs, Paraben’s PCME doesn’t focus solely on cell phones. This comprehensive approach to certification keeps in line with Paraben’s 360° approach to forensics. By covering cell phones, PDAs, hybrid devices, SIM cards, and even GPS devices and by combining both theory and device knowledge with practical examinations and thorough testing, Paraben’s certified examiners will be prepared for whatever the world of handheld forensics throws at them.

Details about how to become PCME certified can be found at Paraben’s training website at: http://www.paraben-training.com/pcme.html

Online frauds have increased and continues to increase at a rapid rate. One of the ways that the spammers have adopted recently is by targetting the social networking sites.

Initially, Orkut was a very large breeding ground for virus attacks. But now it has moved to MySpace and Facebook. In what is seen as a first-of-its kind attack on the social networking site Facebook, spammers have begun using two internet protocol (IP) addresses to infect unsuspecting users with a Trojan virus. The virus is disguised in a manner that entices the user as it is masquerading as official emails sent by the popular Web 2.0 social-networking site. When a user is added to another user’s friend list on the social network, as protocol Facebook sends an email to notify their users of this. However, the spammers included a zip attachment that purports to contain a picture in order to entice the recipient to double-click on it. The attached file is actually a Trojan horse, which is a virus that can corrupt the hard disk of the victim. This email is sent from a domain that closely resembles facebookmail.com, an official domain used by Facebook to notify its users.

One IP address is used to send the spam, while the other directs the user to attack site. This makes it difficult for the site vendor to block the malicious spam easily. Earlier, when spammers used one IP address to launch a spam or phishing attack, vendors found it easy to block the lone address. But with two IP addresses being the norm of the day, it is an indication that the spammers are now more sophisticated in their modus operandi.

Having focused on DNA forensics last week, this week i am presenting links that highlight more on the importance of other methods of forensics and how to make maximum use of forensics in crime investigation.

1. Can a forensics consultant rip off government? Thats what the Punjab government feels while establishing the Forensics Science Agency (FSA). Read more.
2. Data recovery is the process of retrieving computer data that, for any number of reasons, has become inaccessible using normal methods. In such cases some special methods are used to recover the data. Read more to know such methods.
3. Investigating Digital Crime. This is a book written by Robin Phillip Bryant in which he introduces comprehensive ways focusing on how criminals have adapted digital technologies. Rob Harle presents his review on the same. Read more.

The digital age has brought many advantages to individuals and businesses alike since it started. However, it has also brought a whole host of problems with it as well. More people can tap into technology for fraudulent or criminal means, which has, of course, made business far more vulnerable than it ever has been before. This is why the idea of using digital forensics in the public sector has become more and more prevalent over the past few years.

Specialists in digital forensics can determine whether any incident of misuse or criminal activity has taken place on a computer which enables the company and the police if necessary to take the appropriate action. Outsourcing such work is actually more cost effective than running internal departments.

It is not just employers that may benefit from digital forensics in the public sector today though. It may also help employees to prove their innocence in terms of an allegation that has been made and has essentially been reason for the termination of employment.

Online chatting is gained much appreciation amongst the youngsters early-on. But chatting online has become a very important means of communication as more and more people are using it for their official & personal works. And that means loads of digital evidence. As an examiner, you need a specialized tool to perform a thorough analysis of chat logs. Paraben’s Chat Examiner is a specialized forensic product that will will always be a must for you forensic toolkit. Chat Examiner supports ICQ, Yahoo, MSN, Trillian, Skype, Hello and Miranda. Some other basic features of the same are:

1. Compatible with Paraben’s P2 Examination Technology
2. Supports ICQ 1999-2003b, Yahoo, MSN 6.1, 6.2, 7.0, & 7.5, Trillian, Skype, Hello, & Miranda Chat Logs
3. Auto-search function helps locate Chat Logs
4. Complete bookmarking and reporting functionality
5. Advanced filtering and searching options
6. Open multiple chat databases in one workspace

This week has been very busy so far as we have been working hard for the release of our new mobile forensics product. This product will help the forensic investigators as it would be available in different versions.

Anyways, this week we are presenting the links which will provide helpful information about the importance of information security and the new updates to the rules. We hope they would be helpful for everyone.

1. Are You Familiar With the New E-Discovery Rules? Read more
2. 6 burning questions about network security. Read more
3. With so many ways for people to conduct their lives on the internet, their personal information ends up online. Safeguarding yourself against cyber threats becomes necessary. Read more

It’s a sensible initiative that is being taken by many Indian states to empower its law enforcement officers with forensic training. With the evolving technologies, criminals are making full use of them to execute their criminal activities. And in such a scenario, the law enforcement’s old methods fall flat as they are not acquainted with the technology and thus many crimes go unnoticed.

Recently the Karnataka state government announced a scheme to train police constables in forensic science, with a view to curb terrorism and major crimes, particularly in the light of the recent serial bomb blasts in Bangalore. This is part of government’s effort at modernising the State police and ensuring that they are tuned to the changing nature of crimes. After the completion of the training, the police constables will be designated as crime scene investigators. 

Around 876 police constables would be trained under the program which is set to be launched on October 13. The second batch of the same program would begin after the first batch is over and would consist of police constables from various police stations, railway police, women police and the traffic police. It is worth noting that Karnataka, which is a leader in forensic science among the police forces of the country, is the first State to evolve such a system. As an extension to the training programme, around 1000 CDs of the training module would be provided to all police stations in the state.

A police officer rushes on to a crime scene, plays with the computer and executes some 150 evidence gathering commands in 15 minutes. A scene from CSI? No, this is a common scene for investigating police officers; thanks to Microsoft.

Microsoft had released a free tool (Beta version) called - Computer Online Forensic Evidence Extractor (COFEE), that can be loaded onto a portable device such as a USB drive. COFEE automates some 150 evidence-gathering commands for computers in short time. This tool was available only to law enforcement agencies to test the functionality and strength of the tool. Being a Microsoft product, COFEE is designed to extract information from Windows-based systems only.

The best part with the tool is that an officer with “no or basic training” can extract the data in about 15 minutes and maintain its integrity. It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

Many law enforcement agencies in around 15 countries, including Poland, Philippines, Germany, New Zealand and the United States have been using COFEE to crack a variety of online crimes and recover digital evidence. And seeing the success of the beta version, Microsoft has decided to roll out its release version soon, with more features.

Its Friday today and i am presenting some useful links on information security. Hope they benefit you all.

1. Only One In Ten Adults Trust The Government With Their Personal Information. Read more

2. BPO Frauds - How to tackle them? Read more

3. Everything that you wanted to know about Information Hiding. Read more